US20070160062A1 - Systems And Methods For Improved Network Based Content Inspection - Google Patents
Systems And Methods For Improved Network Based Content Inspection Download PDFInfo
- Publication number
- US20070160062A1 US20070160062A1 US11/620,556 US62055607A US2007160062A1 US 20070160062 A1 US20070160062 A1 US 20070160062A1 US 62055607 A US62055607 A US 62055607A US 2007160062 A1 US2007160062 A1 US 2007160062A1
- Authority
- US
- United States
- Prior art keywords
- inspection
- content
- payload
- data
- message digest
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
- H04L67/564—Enhancement of application control based on intercepted application data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0245—Filtering by information in the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
- H04L67/568—Storing data temporarily at an intermediate stage, e.g. caching
Definitions
- the invention relates to network based content inspection (NBCI). More specifically, the invention provides systems and methods for improved NBCI in complex networks that are typical for enterprises and service providers. These networks are shared by large numbers of concurrent users who send and retrieve application content of various sizes via a variety of communication protocols. This invention improves the efficiency of the NBCI of an individual communication session by learning from the processing results of other communication sessions which may be carried via different network protocols without weakening. the overall security of the network. In addition, the invention provides methods to improve the stability of NBCI systems by minimizing the risk of system resource exhaustion if subjected to a burst of large payloads. The invention also improves perceived network stability by preventing the system resources from being “live-locked” by a few large content inspection tasks. Further still, the invention improves the cost-effectiveness of NBCI by allowing the optimization knowledge gained by one NBCI node be shared with other nodes.
- NBCI network based content inspection
- Network based content inspection is a technology that accumulates data packets transmitted via a data network, reconstructs the accumulated packets into payloads of application level protocols, inspects the reconstructed payloads, and invokes predefined actions according to the result of the inspection.
- Network based content inspection is increasingly becoming an enabling method of monitoring network data in a number of important applications such as cyber surveillance, content access control, network traffic monitoring, anti-virus, anti-spamming, content annotation, content caching, and other applications.
- NBCI systems have a finite number of system resources, thus, when a system is subjected to communication sessions that carry large archived payloads, system resource exhaustion will happen. As a result, the system will either stop responding to new communication sessions, or will fail to open, which means that the very function of NBCI will not be applied to the new communication sessions. Therefore, past NBCI systems are generally not stable for today's enterprise and service provider networks.
- a typical enterprise or service provider may deploy NBCI systems at many network junctions. Past approaches often duplicate the inspection of different instances of the same content in each of the NBCI systems. Therefore, on the whole network level, computing resources are wasted on duplicated tasks.
- US 2006/0221658 uses a programmable finite state machine implemented as an integrated circuit to improve the memory usage efficiency of applying pattern matching against data payload for the purpose of content inspection.
- a programmable finite state machine implemented as an integrated circuit to improve the memory usage efficiency of applying pattern matching against data payload for the purpose of content inspection.
- today's network payloads typically contain archived content and while pattern matching is a necessary step for several NBCI applications, significant amounts of CPU cycles and memory must still be spent on de-archiving and re-archiving the content.
- this cost is encountered for the inspection of every instance of the content on every NBCI system.
- U.S. Pat. No. 6,154,844 (Touboul) describes a method in which a Downloadable Security Profile (DSP) is attached to the content payload.
- DSP Downloadable Security Profile
- an NBCI will not inspect the payload if the payload can be associated with a DSP. While this approach effectively reduces the computation needed for inspecting the same content in the NBCI systems along the path of the content transmission, the method of attaching a DSP to the payload will cause compatibility issues downstream as the downstream systems will have to understand this DSP.
- this method significantly increases the size of the resulting payload.
- this method does not take advantage of the fact that some components of the payload may have already been inspected.
- this method does not solve the system resource exhaustion issue caused by high concurrency of network data traffic or the system resource “live-lock” issue caused by inspection of large content.
- a data payload that may be carried via a variety of communication protocols to a content recognition module for determining if the payload or a component thereof has been previously inspected, or is being inspected;
- the method includes subjecting an unrecognized payload to content inspection to produce an inspection result and subsequently storing the inspection result in a content recognition module.
- the NBCI system resource allocation priority is adjusted with the passage of time so that other communication sessions can have a share of system resources.
- the method allows several NBCI systems in a network to learn from each other's content inspection results.
- the method provides further functionality including any operative combination of various functions as described below.
- the content recognition module includes a one-way hash function for calculating a message digest of the data payload and wherein the message digest is compared to previously stored message digests from previously inspected data payloads.
- Message digests from previously inspected data payloads are stored in a look-up table and the content recognition module returns a previously inspected result if the message digest of the data payload is the same as a previously stored message digest.
- the content recognition module returns a null result if the message digest of the data payload does not correspond to a previously stored message digest.
- This payload is then subjected to content inspection and is further subjected to a one-way hash function to calculate a message digest of the unrecognized result and the message digest subsequently stored in the content inspection module.
- the knowledge of what content has been inspected or what content is under inspection is stored in a Content Inspection History Lookup (CIHL) table as a record.
- CIHL record Each record, hereafter referred to as CIH record, in the CIHL table is indexed with a unique signature of the content. This signature is in the form of a message digest such as those created with SHA-1, MD-5, etc.
- Each entry also contains a field to indicate if the content is currently under inspection.
- the CIHL table may also contain a field for the inspection result which may be instructions to take subsequent action with respect to the data payload. Additional information may be added as fields to a CIH record. In one embodiment, this additional information may be time of inspection that may be part of a system to enhance security such that a data payload is no longer marked as inspected if the time of creation information exceeds a pre-determined value. Other information may include size information.
- system and method enable many copies of data payloads of the same content entering a network via a variety of communication sessions and via different communication protocols to be effectively and efficiently inspected.
- system and methods associate a message digest with supplementary information such as time stamp, payload size, etc, to minimize the risk of message digest collision-based attacks against a NBCI system.
- the payload is data of an application level network protocol and the payload may be decomposed prior to content inspection.
- the invention provides a system implemented on a computer or a network of computers for enhancing network based content inspection of a number of concurrently received data payloads comprising:
- a content recognition module for recognizing if each data payload has been previously inspected for content or is currently under inspection and a) allowing a recognized data payload to be delivered without content inspection; and b) subjecting an unrecognized data payload to content inspection to produce a content inspection result and subsequently storing the content inspection result in the content recognition module.
- the inspections of multiple data payloads are scheduled by a content inspection scheduler that assigns and modifies the system resource allocation priority to an inspection task.
- the content inspection module is a co-processor and/or the content inspection module utilizes CAM (Content-Addressable Memory).
- CAM Content-Addressable Memory
- system may include at least two content inspection modules operatively connected to a common look-up table, the results of content inspection on at least two content inspection modules is added to the common look-up table and/or the content recognition look-up tables are synchronized with each other.
- FIG. 1 is a schematic block diagram showing the interaction of a content recognition module and a content inspection module within a computer system, a co-processor, or a software module in accordance with one embodiment of the invention
- FIG. 2 is a schematic block diagram of an implementation of the content recognition module
- FIG. 3 is the structure of a content inspection history (CIH) record
- FIG. 4 is a flow diagram of a method of processing a payload in accordance with one embodiment of the invention.
- FIG. 5 illustrates the state machine of the content inspection state transition
- FIG. 6 is a flow diagram of a method of processing a payload including decomposition of the payload and partial recognition of the payload where content inspection is only conducted for portions not previously inspected;
- FIG. 7 is a schematic block diagram of an implementation of the content inspection module
- FIGS. 8 and 8 A are flow diagrams of a method of using a “Time Quantum Divided” strategy to apply content inspection algorithms to a payload in accordance with one embodiment of the invention
- FIG. 9 is a schematic block diagram of the implementation of the system of the invention using a content co-processor in accordance with one embodiment of the invention.
- FIG. 10 is a schematic block diagram of a network showing how multiple servers on a network may learn from the content inspection performed by other servers.
- concurrently means data payloads received by a computer network within a short time period such that the system resources considers the data payloads to have been effectively received at the same time or within a short time period.
- a content recognition module (CRM) 12 receives a data payload 14 .
- the CRM 12 inspects the data payload to determine if the content of this payload 14 has been inspected previously or is currently under inspection. If the CRM 12 recognizes that the content of the payload 14 has been previously inspected, the CRM will deliver the recognized payload 14 a (together with an inspection result as explained below) without subjecting the payload to content inspection. If the CRM 12 determines the payload is an unrecognized payload (that is, the payload has not been inspected previously), the unrecognized payload 14 b is delivered to a content inspection module (CIM) 16 . The content inspection module 16 calculates the inspection result and delivers the inspected payload 14 c together with the inspection result. If the CRM recognizes that the payload 14 is under inspection, the CRM will delay processing of other payloads containing the same content.
- CIM content inspection module
- a policy module 15 will apply a set of operations, such as the downstream delivery of the recognized payload 14 a , or modify the payload, based on business specific policies.
- An inspected payload 14 c and inspection result 14 d is returned to the CRM 12 in order that subsequent receipt of a similar payload does not pass through the content inspection module 16 .
- an inspection result is one or more markers that indicate that the content has been inspected and/or classified, and that enable other functions to be performed on the payload according to pre-determined policies.
- the payload 14 is passed through a one-way hash function to calculate a message digest 20 of the payload.
- the message digest is then passed through a Content Inspection Scheduler (CIS) 22 that compares the message digest 20 with previously stored message digests within a Content Inspection History Lookup (CIHL) Table 24 .
- CIS Content Inspection Scheduler
- Each record 42 ( FIG. 3 ) within the CIHL Table 24 is uniquely identified with a message digest. If a null matching record is found, meaning that the digest does not correspond to a previously stored digest, the payload content 14 b is passed to the content inspection module 16 for inspection by the content inspection module 16 .
- the content is then marked as “Under Inspection” 25 ( FIG.
- the content inspection module 16 scans the payload for content and classifies the content based on pre-determined criteria.
- the newly inspected content 14 c is passed through the one-way hash-function to calculate a message digest 20 a of the newly inspected content 14 c .
- a CIH record 42 b is inserted into the CIHL Table 24 . This entry has the message digest 20 a , the Inspection State “Inspected”, the Inspection Result 14 d , and optionally other supplementary information as will be explained in greater detail below.
- Step 29 If the comparison returns a matching CIH record 42 with the Inspection State field 43 being “Under Inspection” (Step 29 ), meaning a previous payload carrying the same content is currently being inspected, the processing of the latter payload content will wait for a period of time 26 before continuing.
- the system determines that the inspection state of the previous payload content ( FIG. 4 , step 27 ) has changed to “inspected”, the latter payload content will be subjected to content recognition.
- step 28 If the comparison (step 28 ) returns a matching CIH record 42 with the Inspection State field 43 being “Inspected”, meaning that the digest corresponds to the message digest of previously inspected content, the payload by-passes the content inspection module 16 as recognized payload 14 a.
- the one-way hash function may be a known Secure Hash Algorithm (SHA), such as SHA-1, MD2, MD4, MD5, variations thereof or other hashing algorithms as known to those skilled in the art.
- SHA Secure Hash Algorithm
- an alternate embodiment is described that further enhances the efficiency of content inspection.
- a methodology allowing partial recognition of the payload content is conducted in order that content inspection is only needed for the portion of the payload content that has not been previously inspected.
- the payload is decomposed into logical portions 30 and each portion is evaluated to determine if it has been inspected. If the algorithm determines that there are un-inspected portions (step 31 ), a message digest (step 32 ) is calculated for the un-inspected portions. Each message digest is then searched within the CIHL table as described above.
- Decomposition may be achieved by breaking down a payload into logical portions such as by attachment within an email, or the file content within a zip file.
- scheduling the content inspection of multiple inspection tasks is conducted to prevent system resource exhaustion in the event of the rapid or simultaneous arrival of many different data payloads, many instances of the same content, or in the event of a deny-of-service attack.
- Scheduling will ensure that the system resources are efficiently utilized to complete content inspection and are spent on applying the content inspection algorithms to one only instance of any multiple instances. This is achieved by giving much lower priority to time-consuming or system resource demanding content processing tasks. Scheduling is accomplished by utilizing the content inspection state (ie un-inspected, under-inspection or inspected) together with information relating to the number of required inspection tasks, the time of receipt of an inspection task and the size of the inspection task.
- FIGS. 7, 8 and 8 A describe one embodiment of the Content Inspection Module (CIM) 16 a using a “Time Quantum Divided” (TQD) content inspection process scheduling strategy.
- TQD Time Quantum Divided
- This process enables the system to enhance speed of service to multiple users accessing a network by decreasing priority for a content inspection process with the passage of time. For example, in a situation where there are 100 users accessing a network, and 99 of those users are attempting to pass small payloads (eg. a 1-2 kb file) through the network and 1 user is attempting to pass a larger file (eg.
- small payloads eg. a 1-2 kb file
- the scheduling manager will assign priority and allocate system resources based on both the size of each inspection task and the time taken to complete each content inspection task in order to minimize or prevent system resources being consumed by the single, larger inspection task, thus preventing each of the multiple users passing smaller payloads having to wait for the completion of the single larger inspection. That is, the system is able to prevent “live-lock” of the system resources by lengthy content inspection tasks.
- a content inspection process 80 starts by registering each content inspection task with the TQD CIP manager ( FIG. 8 , step 82 ) as each content packet requiring inspection arrives thus defining “n” inspection tasks.
- the TQD CIP manager 90 ( FIG. 8A ) periodically adjusts priority for each content inspection task such that each content inspection task is completed in a manner to maintain quality of service to multiple users by balancing the time to complete an inspection as determined by the number of inspection tasks, and the relative size of each inspection task.
- the CIHL table is updated (step 86 ) with the inspection result and the content inspection process 80 un-registers a specific content inspect task from the TQD CIP manager (step 88 ).
- the TQD CIP manager 90 continuously loops through each of the registered content inspection tasks and reviews and updates the status or priority of each content inspection task.
- the TQD CIP manager 90 determines if there are any registered inspection tasks (step 92 ). If there are no registered inspection tasks, the TQD manager 90 waits a pre-determined period of time (step 94 ) until re-determining if there are any inspection tasks. If there are inspection tasks (step 93 ), the TQD CIP manager 90 will reduce the time-to-live (TTL) value of each inspection task by a certain value (step 98 ). A content inspection process (CIP) will be aborted (step 102 ) if its TTL drops below an arbitrary threshold value (step 100 ). The CIH record of an aborted inspection task will be removed from the CIHL table (step 104 ). The transmission of the payload may be re-initiated by the sender and/or receiver at a later time.
- TTL time-to-live
- the TQD CIP manager 90 will reduce the priority for the ith inspection task (step 106 ) by a pre-determined value.
- the TQD CIP manager determines if there are any remaining registered inspection and either waits for a period of time (step 94 ) to check for registered inspection tasks or continues reviewing and adjusting the status of other registered inspection tasks.
- 5 content inspection tasks may have been registered with the TQD CIP manager 90 .
- These registered inspection tasks may include 3 small files (eg. 3 kb each), 1 medium size file (eg. 10 Mb) and 1 large file (eg. 100 Mb) received in any particular order.
- the manager will seek to balance the content inspection in order to maintain efficiency for a desired level of service.
- scheduling manager parameters may be set to ensure that priority is assigned to inspection of the smaller files first irregardless of the time of receipt.
- scheduling manager parameters may be set to ensure that priority is assigned strictly based on the time of arrival irregardless of size.
- the system may assign the same initial priority to all the inspection tasks.
- scheduling manager then reduces the priority for each of the task with the passage of the time.
- scheduling manager parameters may be set as balance between time of arrival and size. That is, in certain situations, the large file may be processed concurrently with the smaller files based on a particular allocation of system resources. Alternatively, the large file may be processed only for a period of time, until the scheduling manager determines that processing has taken too long and the inspection process is aborted for the large file. It is understood that the number of tasks registered with the scheduling manager may be dynamically changed such that priority may be adjusted up or down based on changes to the number of registered tasks.
- the content of a data payload as a recognized payload 14 a or an inspected payload 14 c can be associated with further information as described below allowing the system to take particular actions with respect to the payload based on the inspection result ( FIG. 3 ).
- the inspection result can be classified on the basis of content. For example, it can be a marker indicating that the content is spam, spyware or a virus.
- the inspection result can include a set of instructions to alter the content.
- the policy module 15 may use these instructions to take further steps with respect to the payload. For example, if the content is marked as a virus, the instructions may be to warn the recipient that the payload contains a virus and should not be opened. In other examples, the instructions may be to prevent the delivery of payload, but to send information indicating that the delivery has been denied.
- the inspection result can be associated with supplementary data.
- Supplementary data provides further functionality including enhanced security to the methods of the invention.
- supplementary data may include the time of creation 44 of the message digest which may be used to provide enhanced security. That is, as it is known that given enough time, an attacker can achieve a collision with the commonly used one-way hash algorithms, by adding time information as supplementary data, a message digest can be retired if the message digest is older than a pre-determined value.
- supplementary data may also or alternatively include the size 45 of the payload wherein the size information can be used to provide finer granularity to also reduce the possibility of a hash code collision.
- the size information can be used to provide finer granularity to also reduce the possibility of a hash code collision.
- both the message digest and the size have to match those of the payload.
- the system may be deployed as an adaptive external module of an existing content inspection system, or as an embedded module within a content inspection system.
- the system is implemented with the content recognition module interacting with an existing content inspection co-processor as shown in FIG. 9 .
- system is a software component embedded into a content inspection module which is a software module, a co-processor or a computer system.
- the message digests along with the inspection results can be shared among several instances of content recognition/inspection systems as shown in FIG. 10 .
- the sharing can be accomplished by storing the message digests along with the inspection results in a central server shared by these instances of content recognition/inspection systems, or replicating the digests along with the inspection results in each instances of the group.
- FIG. 10 shows four networked servers that each have external Internet connections that are securely linked via a common internal network.
- Server 3 is shown to represent the highest traffic server, possibly as an enterprise gateway.
- Servers 1 , 2 and 4 see less traffic but are operatively and securely connected to Server 3 .
- a NBCI database is connected to Server 3 .
- each server may report the results of their respective payload inspections to Server 3 and hence to database 5 such that each server on the system can “learn” from the experiences of the other Servers, thereby preventing the duplication of content inspection across a larger network.
- This networked embodiment is particularly beneficial in larger enterprises or service providers where the volume of traffic is sufficiently large that the ability to share such inspection results can greatly enhance the overall efficiency and cost-effectiveness of the system.
Abstract
Description
- This patent application claims the benefit of, under Title 35, United States Code, Section 119(e), U.S. Provisional Patent Application No. 60/827,338, filed on Sep. 28, 2006 and U.S. Provisional Patent Application No. 60/766,250, filed Jan. 5, 2006.
- The invention relates to network based content inspection (NBCI). More specifically, the invention provides systems and methods for improved NBCI in complex networks that are typical for enterprises and service providers. These networks are shared by large numbers of concurrent users who send and retrieve application content of various sizes via a variety of communication protocols. This invention improves the efficiency of the NBCI of an individual communication session by learning from the processing results of other communication sessions which may be carried via different network protocols without weakening. the overall security of the network. In addition, the invention provides methods to improve the stability of NBCI systems by minimizing the risk of system resource exhaustion if subjected to a burst of large payloads. The invention also improves perceived network stability by preventing the system resources from being “live-locked” by a few large content inspection tasks. Further still, the invention improves the cost-effectiveness of NBCI by allowing the optimization knowledge gained by one NBCI node be shared with other nodes.
- Network based content inspection (NBCI) is a technology that accumulates data packets transmitted via a data network, reconstructs the accumulated packets into payloads of application level protocols, inspects the reconstructed payloads, and invokes predefined actions according to the result of the inspection. Network based content inspection is increasingly becoming an enabling method of monitoring network data in a number of important applications such as cyber surveillance, content access control, network traffic monitoring, anti-virus, anti-spamming, content annotation, content caching, and other applications.
- One problem of past methods of NBCI is reduced network performance as a result of the time required for content reconstruction, inspection, and manipulation. Generally, network performance can become severely compromised when there are many users accessing large volumes of compressed content. As the exchange of large archived content is common over today's data networks, the inspection of such content can be highly inefficient at certain times, for example, when there is a new release of popular software, digital images, videos, ring-tones, and other compressed content that are being accessed by a large number of users within a relatively short time-frame on a network.
- It is also known that certain inspection tasks, such as 100% accurate polymorphic virus scanning, are NP-Complete problems. For these tasks, and with the increase of content size, the computational resources required to complete such inspection tasks grow exponentially which translates into long network latency for NBCI systems, which in turn results in low network throughput.
- Performance is not the only issue. NBCI systems have a finite number of system resources, thus, when a system is subjected to communication sessions that carry large archived payloads, system resource exhaustion will happen. As a result, the system will either stop responding to new communication sessions, or will fail to open, which means that the very function of NBCI will not be applied to the new communication sessions. Therefore, past NBCI systems are generally not stable for today's enterprise and service provider networks.
- A typical enterprise or service provider may deploy NBCI systems at many network junctions. Past approaches often duplicate the inspection of different instances of the same content in each of the NBCI systems. Therefore, on the whole network level, computing resources are wasted on duplicated tasks.
- In other scenarios, when many instances of the same content arrive at the same time, past NBCI system will spend system resources inspecting each of the instances. Such duplication results in more resources being required which drives up the cost of NBCI systems.
- A review of the prior art indicates that several technology exist in the art that enhance the performance of NBCI systems.
- For example, US 2006/0221658 (Gould) uses a programmable finite state machine implemented as an integrated circuit to improve the memory usage efficiency of applying pattern matching against data payload for the purpose of content inspection. However, as today's network payloads typically contain archived content and while pattern matching is a necessary step for several NBCI applications, significant amounts of CPU cycles and memory must still be spent on de-archiving and re-archiving the content. Moreover, this cost is encountered for the inspection of every instance of the content on every NBCI system.
- U.S. Pat. No. 6,154,844 (Touboul) describes a method in which a Downloadable Security Profile (DSP) is attached to the content payload. In this system, an NBCI will not inspect the payload if the payload can be associated with a DSP. While this approach effectively reduces the computation needed for inspecting the same content in the NBCI systems along the path of the content transmission, the method of attaching a DSP to the payload will cause compatibility issues downstream as the downstream systems will have to understand this DSP. In addition, for small payloads, such as those typical for short message services (SMS), this method significantly increases the size of the resulting payload. Still further, for large, archived payloads, this method does not take advantage of the fact that some components of the payload may have already been inspected. In addition, this method does not solve the system resource exhaustion issue caused by high concurrency of network data traffic or the system resource “live-lock” issue caused by inspection of large content.
- With the rapid growth of network bandwidth, from 100 Mbits, to 1 Gbits, and to 10 Gbits and beyond, the importance of NBCI performance is increasingly becoming paramount in the effective management of large, complex networks. As a result, there continues to be a need for NBCI methods that effectively and efficiently process data payloads in order to improve the efficiency, stability while reducing NBCI costs without compromising network speeds.
- In accordance with the invention, there is provided a method of enhancing network based content inspection for data payloads within heavy traffic data networks that are typical for service providers and enterprises by:
- subjecting a data payload that may be carried via a variety of communication protocols to a content recognition module for determining if the payload or a component thereof has been previously inspected, or is being inspected; and
- a) if the content has been previously inspected, associate this payload with a previous inspection result for policy enforcement without inspecting this payload;
- b) if a previous instance of the content is being inspected, in order to preserve the NBCI system resources, the inspection of the instance will wait until the inspection of the being inspected instance is completed;
- once inspection is completed, delivering the payload and inspection result.
- In another embodiment, the method includes subjecting an unrecognized payload to content inspection to produce an inspection result and subsequently storing the inspection result in a content recognition module.
- In another embodiment, for a given content inspection task, the NBCI system resource allocation priority is adjusted with the passage of time so that other communication sessions can have a share of system resources.
- In yet another embodiment, the method allows several NBCI systems in a network to learn from each other's content inspection results.
- In further embodiments, the method provides further functionality including any operative combination of various functions as described below.
- In one embodiment, the content recognition module includes a one-way hash function for calculating a message digest of the data payload and wherein the message digest is compared to previously stored message digests from previously inspected data payloads. Message digests from previously inspected data payloads are stored in a look-up table and the content recognition module returns a previously inspected result if the message digest of the data payload is the same as a previously stored message digest. As well, the content recognition module returns a null result if the message digest of the data payload does not correspond to a previously stored message digest. This payload is then subjected to content inspection and is further subjected to a one-way hash function to calculate a message digest of the unrecognized result and the message digest subsequently stored in the content inspection module.
- In further embodiments, the knowledge of what content has been inspected or what content is under inspection is stored in a Content Inspection History Lookup (CIHL) table as a record. Each record, hereafter referred to as CIH record, in the CIHL table is indexed with a unique signature of the content. This signature is in the form of a message digest such as those created with SHA-1, MD-5, etc. Each entry also contains a field to indicate if the content is currently under inspection.
- The CIHL table may also contain a field for the inspection result which may be instructions to take subsequent action with respect to the data payload. Additional information may be added as fields to a CIH record. In one embodiment, this additional information may be time of inspection that may be part of a system to enhance security such that a data payload is no longer marked as inspected if the time of creation information exceeds a pre-determined value. Other information may include size information.
- In a further embodiment, the system and method enable many copies of data payloads of the same content entering a network via a variety of communication sessions and via different communication protocols to be effectively and efficiently inspected.
- In a further embodiment, the system and methods associate a message digest with supplementary information such as time stamp, payload size, etc, to minimize the risk of message digest collision-based attacks against a NBCI system.
- In another aspect of the invention, the payload is data of an application level network protocol and the payload may be decomposed prior to content inspection.
- In another embodiment, the invention provides a system implemented on a computer or a network of computers for enhancing network based content inspection of a number of concurrently received data payloads comprising:
- a content recognition module for recognizing if each data payload has been previously inspected for content or is currently under inspection and a) allowing a recognized data payload to be delivered without content inspection; and b) subjecting an unrecognized data payload to content inspection to produce a content inspection result and subsequently storing the content inspection result in the content recognition module.
- In another aspect of the invention, the inspections of multiple data payloads are scheduled by a content inspection scheduler that assigns and modifies the system resource allocation priority to an inspection task.
- In various embodiments, the content inspection module is a co-processor and/or the content inspection module utilizes CAM (Content-Addressable Memory).
- Further still, the system may include at least two content inspection modules operatively connected to a common look-up table, the results of content inspection on at least two content inspection modules is added to the common look-up table and/or the content recognition look-up tables are synchronized with each other.
- The invention is described with reference to the figures wherein:
-
FIG. 1 is a schematic block diagram showing the interaction of a content recognition module and a content inspection module within a computer system, a co-processor, or a software module in accordance with one embodiment of the invention; -
FIG. 2 is a schematic block diagram of an implementation of the content recognition module; -
FIG. 3 is the structure of a content inspection history (CIH) record; -
FIG. 4 is a flow diagram of a method of processing a payload in accordance with one embodiment of the invention; -
FIG. 5 illustrates the state machine of the content inspection state transition; -
FIG. 6 is a flow diagram of a method of processing a payload including decomposition of the payload and partial recognition of the payload where content inspection is only conducted for portions not previously inspected; -
FIG. 7 is a schematic block diagram of an implementation of the content inspection module; -
FIGS. 8 and 8 A are flow diagrams of a method of using a “Time Quantum Divided” strategy to apply content inspection algorithms to a payload in accordance with one embodiment of the invention; -
FIG. 9 is a schematic block diagram of the implementation of the system of the invention using a content co-processor in accordance with one embodiment of the invention; and, -
FIG. 10 is a schematic block diagram of a network showing how multiple servers on a network may learn from the content inspection performed by other servers. - With reference to the Figures, systems and methods for optimizing the computation required to perform content inspection on concurrently received network data packet payloads are described. In the context of this description “concurrently” means data payloads received by a computer network within a short time period such that the system resources considers the data payloads to have been effectively received at the same time or within a short time period.
- With reference to
FIG. 1 , a content recognition module (CRM) 12 receives adata payload 14. TheCRM 12 inspects the data payload to determine if the content of thispayload 14 has been inspected previously or is currently under inspection. If theCRM 12 recognizes that the content of thepayload 14 has been previously inspected, the CRM will deliver the recognizedpayload 14 a (together with an inspection result as explained below) without subjecting the payload to content inspection. If theCRM 12 determines the payload is an unrecognized payload (that is, the payload has not been inspected previously), theunrecognized payload 14 b is delivered to a content inspection module (CIM) 16. Thecontent inspection module 16 calculates the inspection result and delivers the inspectedpayload 14 c together with the inspection result. If the CRM recognizes that thepayload 14 is under inspection, the CRM will delay processing of other payloads containing the same content. - A
policy module 15 will apply a set of operations, such as the downstream delivery of the recognizedpayload 14 a, or modify the payload, based on business specific policies. An inspectedpayload 14 c and inspection result 14 d is returned to theCRM 12 in order that subsequent receipt of a similar payload does not pass through thecontent inspection module 16. Generally, an inspection result is one or more markers that indicate that the content has been inspected and/or classified, and that enable other functions to be performed on the payload according to pre-determined policies. - With reference to
FIGS. 2, 3 , 4 and 5, the functionality of theCRM 12 is described. Initially, thepayload 14 is passed through a one-way hash function to calculate a message digest 20 of the payload. The message digest is then passed through a Content Inspection Scheduler (CIS) 22 that compares the message digest 20 with previously stored message digests within a Content Inspection History Lookup (CIHL) Table 24. Each record 42 (FIG. 3 ) within the CIHL Table 24 is uniquely identified with a message digest. If a null matching record is found, meaning that the digest does not correspond to a previously stored digest, thepayload content 14 b is passed to thecontent inspection module 16 for inspection by thecontent inspection module 16. The content is then marked as “Under Inspection” 25 (FIG. 4 ) by adding aCIH record 42 c into the CIHL table 24. This record will have itsInspection State 43 set to the value of “Under inspection”. Thecontent inspection module 16 scans the payload for content and classifies the content based on pre-determined criteria. - After inspection, the newly inspected
content 14 c is passed through the one-way hash-function to calculate a message digest 20 a of the newly inspectedcontent 14 c. ACIH record 42 b is inserted into the CIHL Table 24. This entry has the message digest 20 a, the Inspection State “Inspected”, theInspection Result 14 d, and optionally other supplementary information as will be explained in greater detail below. - If the comparison returns a matching
CIH record 42 with theInspection State field 43 being “Under Inspection” (Step 29), meaning a previous payload carrying the same content is currently being inspected, the processing of the latter payload content will wait for a period oftime 26 before continuing. When the system determines that the inspection state of the previous payload content (FIG. 4 , step 27) has changed to “inspected”, the latter payload content will be subjected to content recognition. - If the comparison (step 28) returns a matching
CIH record 42 with theInspection State field 43 being “Inspected”, meaning that the digest corresponds to the message digest of previously inspected content, the payload by-passes thecontent inspection module 16 as recognizedpayload 14 a. - The one-way hash function may be a known Secure Hash Algorithm (SHA), such as SHA-1, MD2, MD4, MD5, variations thereof or other hashing algorithms as known to those skilled in the art.
- With reference to
FIG. 6 , an alternate embodiment is described that further enhances the efficiency of content inspection. In this embodiment, a methodology allowing partial recognition of the payload content is conducted in order that content inspection is only needed for the portion of the payload content that has not been previously inspected. - In this embodiment, the payload is decomposed into logical portions 30 and each portion is evaluated to determine if it has been inspected. If the algorithm determines that there are un-inspected portions (step 31), a message digest (step 32) is calculated for the un-inspected portions. Each message digest is then searched within the CIHL table as described above.
- Decomposition may be achieved by breaking down a payload into logical portions such as by attachment within an email, or the file content within a zip file.
- Scheduling Manager
- In a preferred embodiment, scheduling the content inspection of multiple inspection tasks is conducted to prevent system resource exhaustion in the event of the rapid or simultaneous arrival of many different data payloads, many instances of the same content, or in the event of a deny-of-service attack. Scheduling will ensure that the system resources are efficiently utilized to complete content inspection and are spent on applying the content inspection algorithms to one only instance of any multiple instances. This is achieved by giving much lower priority to time-consuming or system resource demanding content processing tasks. Scheduling is accomplished by utilizing the content inspection state (ie un-inspected, under-inspection or inspected) together with information relating to the number of required inspection tasks, the time of receipt of an inspection task and the size of the inspection task.
-
FIGS. 7, 8 and 8A describe one embodiment of the Content Inspection Module (CIM) 16 a using a “Time Quantum Divided” (TQD) content inspection process scheduling strategy. This process enables the system to enhance speed of service to multiple users accessing a network by decreasing priority for a content inspection process with the passage of time. For example, in a situation where there are 100 users accessing a network, and 99 of those users are attempting to pass small payloads (eg. a 1-2 kb file) through the network and 1 user is attempting to pass a larger file (eg. a 100 Mb file) through the network, the scheduling manager will assign priority and allocate system resources based on both the size of each inspection task and the time taken to complete each content inspection task in order to minimize or prevent system resources being consumed by the single, larger inspection task, thus preventing each of the multiple users passing smaller payloads having to wait for the completion of the single larger inspection. That is, the system is able to prevent “live-lock” of the system resources by lengthy content inspection tasks. - As shown in
FIGS. 8 and 8 A, acontent inspection process 80 starts by registering each content inspection task with the TQD CIP manager (FIG. 8 , step 82) as each content packet requiring inspection arrives thus defining “n” inspection tasks. Upon registration, the TQD CIP manager 90 (FIG. 8A ) periodically adjusts priority for each content inspection task such that each content inspection task is completed in a manner to maintain quality of service to multiple users by balancing the time to complete an inspection as determined by the number of inspection tasks, and the relative size of each inspection task. Once the inspection algorithms have been completed (step 84) based on theTQD CIP manager 90 assigned priority, the CIHL table is updated (step 86) with the inspection result and thecontent inspection process 80 un-registers a specific content inspect task from the TQD CIP manager (step 88). - As content inspection tasks are being registered and un-registered from the
TQD CIP manager 90, theTQD CIP manager 90 continuously loops through each of the registered content inspection tasks and reviews and updates the status or priority of each content inspection task. - With reference to
FIG. 8A , initially, theTQD CIP manager 90 determines if there are any registered inspection tasks (step 92). If there are no registered inspection tasks, theTQD manager 90 waits a pre-determined period of time (step 94) until re-determining if there are any inspection tasks. If there are inspection tasks (step 93), theTQD CIP manager 90 will reduce the time-to-live (TTL) value of each inspection task by a certain value (step 98). A content inspection process (CIP) will be aborted (step 102) if its TTL drops below an arbitrary threshold value (step 100). The CIH record of an aborted inspection task will be removed from the CIHL table (step 104). The transmission of the payload may be re-initiated by the sender and/or receiver at a later time. - If the TTL is not less than zero, the
TQD CIP manager 90 will reduce the priority for the ith inspection task (step 106) by a pre-determined value. - Once the priority has been adjusted or the ith CIP has been aborted, the TQD CIP manager determines if there are any remaining registered inspection and either waits for a period of time (step 94) to check for registered inspection tasks or continues reviewing and adjusting the status of other registered inspection tasks.
- As an example of a possible scheduling scenario, 5 content inspection tasks may have been registered with the
TQD CIP manager 90. These registered inspection tasks may include 3 small files (eg. 3 kb each), 1 medium size file (eg. 10 Mb) and 1 large file (eg. 100 Mb) received in any particular order. In processing these inspection tasks, the manager will seek to balance the content inspection in order to maintain efficiency for a desired level of service. For example, scheduling manager parameters may be set to ensure that priority is assigned to inspection of the smaller files first irregardless of the time of receipt. Alternatively, scheduling manager parameters may be set to ensure that priority is assigned strictly based on the time of arrival irregardless of size. As illustrated inFIG. 8A , the system may assign the same initial priority to all the inspection tasks. The scheduling manager then reduces the priority for each of the task with the passage of the time. Further still, scheduling manager parameters may be set as balance between time of arrival and size. That is, in certain situations, the large file may be processed concurrently with the smaller files based on a particular allocation of system resources. Alternatively, the large file may be processed only for a period of time, until the scheduling manager determines that processing has taken too long and the inspection process is aborted for the large file. It is understood that the number of tasks registered with the scheduling manager may be dynamically changed such that priority may be adjusted up or down based on changes to the number of registered tasks. - It is understood by those skilled in the art that the determination of priority and the allocation of system resources to effectively manage content inspection based on content size, and time-to-complete an inspection task may be accomplished by a variety of algorithms and that the methodologies described above are only a limited number of examples of such algorithms.
- Classification of Inspection Results
- In various embodiments, the content of a data payload, as a recognized
payload 14 a or an inspectedpayload 14 c can be associated with further information as described below allowing the system to take particular actions with respect to the payload based on the inspection result (FIG. 3 ). - a) Classification of Content
- The inspection result can be classified on the basis of content. For example, it can be a marker indicating that the content is spam, spyware or a virus.
- b) Content Instructions
- The inspection result can include a set of instructions to alter the content. In this case, the
policy module 15 may use these instructions to take further steps with respect to the payload. For example, if the content is marked as a virus, the instructions may be to warn the recipient that the payload contains a virus and should not be opened. In other examples, the instructions may be to prevent the delivery of payload, but to send information indicating that the delivery has been denied. - c) Supplementary Data
- The inspection result can be associated with supplementary data. Supplementary data provides further functionality including enhanced security to the methods of the invention.
- For example, supplementary data may include the time of
creation 44 of the message digest which may be used to provide enhanced security. That is, as it is known that given enough time, an attacker can achieve a collision with the commonly used one-way hash algorithms, by adding time information as supplementary data, a message digest can be retired if the message digest is older than a pre-determined value. - In another embodiment supplementary data may also or alternatively include the
size 45 of the payload wherein the size information can be used to provide finer granularity to also reduce the possibility of a hash code collision. In this example, when conducting the CIHL table search function within the lookup table, both the message digest and the size have to match those of the payload. - Deployment
- The system may be deployed as an adaptive external module of an existing content inspection system, or as an embedded module within a content inspection system.
- In one embodiment, the system is implemented with the content recognition module interacting with an existing content inspection co-processor as shown in
FIG. 9 . - In another embodiment, the system is a software component embedded into a content inspection module which is a software module, a co-processor or a computer system.
- In a further embodiment, and in order to leverage the computation spent on content inspection, the message digests along with the inspection results can be shared among several instances of content recognition/inspection systems as shown in
FIG. 10 . The sharing can be accomplished by storing the message digests along with the inspection results in a central server shared by these instances of content recognition/inspection systems, or replicating the digests along with the inspection results in each instances of the group. For example,FIG. 10 shows four networked servers that each have external Internet connections that are securely linked via a common internal network. Server 3 is shown to represent the highest traffic server, possibly as an enterprise gateway.Servers 1, 2 and 4 see less traffic but are operatively and securely connected to Server 3. A NBCI database is connected to Server 3. In order to further enhance the efficiency of the system, each server may report the results of their respective payload inspections to Server 3 and hence todatabase 5 such that each server on the system can “learn” from the experiences of the other Servers, thereby preventing the duplication of content inspection across a larger network. This networked embodiment is particularly beneficial in larger enterprises or service providers where the volume of traffic is sufficiently large that the ability to share such inspection results can greatly enhance the overall efficiency and cost-effectiveness of the system. - The preceding description is intended to provide an illustrative description of the invention. It is understood that variations in the examples of deployment of the invention may be realized without departing from the spirit of the invention.
Claims (33)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/620,556 US7630379B2 (en) | 2006-01-05 | 2007-01-05 | Systems and methods for improved network based content inspection |
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US76625006P | 2006-01-05 | 2006-01-05 | |
US82733806P | 2006-09-28 | 2006-09-28 | |
US11/620,556 US7630379B2 (en) | 2006-01-05 | 2007-01-05 | Systems and methods for improved network based content inspection |
Publications (2)
Publication Number | Publication Date |
---|---|
US20070160062A1 true US20070160062A1 (en) | 2007-07-12 |
US7630379B2 US7630379B2 (en) | 2009-12-08 |
Family
ID=38227877
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/620,556 Active 2028-01-07 US7630379B2 (en) | 2006-01-05 | 2007-01-05 | Systems and methods for improved network based content inspection |
Country Status (5)
Country | Link |
---|---|
US (1) | US7630379B2 (en) |
JP (1) | JP5019480B2 (en) |
CN (1) | CN101366238B (en) |
CA (1) | CA2635969C (en) |
WO (1) | WO2007076613A1 (en) |
Cited By (137)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080181131A1 (en) * | 2007-01-31 | 2008-07-31 | Cisco Technology, Inc. | Managing multiple application configuration versions in a heterogeneous network |
US20090307769A1 (en) * | 2006-03-14 | 2009-12-10 | Jon Curnyn | Method and apparatus for providing network security |
WO2009146536A1 (en) * | 2008-06-02 | 2009-12-10 | Corporation De L'ecole Polytechnique De Montreal | File presence detection and monitoring |
US20100153511A1 (en) * | 2008-12-12 | 2010-06-17 | Verizon Corporate Resources Group Llc | Duplicate mms content checking |
US20150066571A1 (en) * | 2013-08-30 | 2015-03-05 | Soeren Balko | High-load business process scalability |
US8990946B1 (en) * | 2014-04-18 | 2015-03-24 | Kaspersky Lab Zao | System and methods of distributing antivirus checking tasks among virtual machines in a virtual network |
US20150117452A1 (en) * | 2013-10-30 | 2015-04-30 | Palo Alto Research Center Incorporated | System and method for minimum path mtu discovery in content centric networks |
US9276840B2 (en) | 2013-10-30 | 2016-03-01 | Palo Alto Research Center Incorporated | Interest messages with a payload for a named data network |
US9276751B2 (en) | 2014-05-28 | 2016-03-01 | Palo Alto Research Center Incorporated | System and method for circular link resolution with computable hash-based names in content-centric networks |
US9280546B2 (en) | 2012-10-31 | 2016-03-08 | Palo Alto Research Center Incorporated | System and method for accessing digital content using a location-independent name |
US9311377B2 (en) | 2013-11-13 | 2016-04-12 | Palo Alto Research Center Incorporated | Method and apparatus for performing server handoff in a name-based content distribution system |
US9363179B2 (en) | 2014-03-26 | 2016-06-07 | Palo Alto Research Center Incorporated | Multi-publisher routing protocol for named data networks |
US9363086B2 (en) | 2014-03-31 | 2016-06-07 | Palo Alto Research Center Incorporated | Aggregate signing of data in content centric networking |
US9374304B2 (en) | 2014-01-24 | 2016-06-21 | Palo Alto Research Center Incorporated | End-to end route tracing over a named-data network |
US9379979B2 (en) | 2014-01-14 | 2016-06-28 | Palo Alto Research Center Incorporated | Method and apparatus for establishing a virtual interface for a set of mutual-listener devices |
US9390289B2 (en) | 2014-04-07 | 2016-07-12 | Palo Alto Research Center Incorporated | Secure collection synchronization using matched network names |
US9391896B2 (en) | 2014-03-10 | 2016-07-12 | Palo Alto Research Center Incorporated | System and method for packet forwarding using a conjunctive normal form strategy in a content-centric network |
US9391777B2 (en) | 2014-08-15 | 2016-07-12 | Palo Alto Research Center Incorporated | System and method for performing key resolution over a content centric network |
US9400800B2 (en) | 2012-11-19 | 2016-07-26 | Palo Alto Research Center Incorporated | Data transport by named content synchronization |
US9401864B2 (en) | 2013-10-31 | 2016-07-26 | Palo Alto Research Center Incorporated | Express header for packets with hierarchically structured variable-length identifiers |
US9407432B2 (en) | 2014-03-19 | 2016-08-02 | Palo Alto Research Center Incorporated | System and method for efficient and secure distribution of digital content |
US9407549B2 (en) | 2013-10-29 | 2016-08-02 | Palo Alto Research Center Incorporated | System and method for hash-based forwarding of packets with hierarchically structured variable-length identifiers |
US9426113B2 (en) | 2014-06-30 | 2016-08-23 | Palo Alto Research Center Incorporated | System and method for managing devices over a content centric network |
US9444722B2 (en) | 2013-08-01 | 2016-09-13 | Palo Alto Research Center Incorporated | Method and apparatus for configuring routing paths in a custodian-based routing architecture |
US9451032B2 (en) | 2014-04-10 | 2016-09-20 | Palo Alto Research Center Incorporated | System and method for simple service discovery in content-centric networks |
US9456054B2 (en) | 2008-05-16 | 2016-09-27 | Palo Alto Research Center Incorporated | Controlling the spread of interests and content in a content centric network |
US9455835B2 (en) | 2014-05-23 | 2016-09-27 | Palo Alto Research Center Incorporated | System and method for circular link resolution with hash-based names in content-centric networks |
US9462006B2 (en) | 2015-01-21 | 2016-10-04 | Palo Alto Research Center Incorporated | Network-layer application-specific trust model |
US9467492B2 (en) | 2014-08-19 | 2016-10-11 | Palo Alto Research Center Incorporated | System and method for reconstructable all-in-one content stream |
US9473405B2 (en) | 2014-03-10 | 2016-10-18 | Palo Alto Research Center Incorporated | Concurrent hashes and sub-hashes on data streams |
US9473475B2 (en) | 2014-12-22 | 2016-10-18 | Palo Alto Research Center Incorporated | Low-cost authenticated signing delegation in content centric networking |
US9497282B2 (en) | 2014-08-27 | 2016-11-15 | Palo Alto Research Center Incorporated | Network coding for content-centric network |
US9503358B2 (en) | 2013-12-05 | 2016-11-22 | Palo Alto Research Center Incorporated | Distance-based routing in an information-centric network |
US9503365B2 (en) | 2014-08-11 | 2016-11-22 | Palo Alto Research Center Incorporated | Reputation-based instruction processing over an information centric network |
US9516144B2 (en) | 2014-06-19 | 2016-12-06 | Palo Alto Research Center Incorporated | Cut-through forwarding of CCNx message fragments with IP encapsulation |
US9535968B2 (en) | 2014-07-21 | 2017-01-03 | Palo Alto Research Center Incorporated | System for distributing nameless objects using self-certifying names |
US9536059B2 (en) | 2014-12-15 | 2017-01-03 | Palo Alto Research Center Incorporated | Method and system for verifying renamed content using manifests in a content centric network |
US9537719B2 (en) | 2014-06-19 | 2017-01-03 | Palo Alto Research Center Incorporated | Method and apparatus for deploying a minimal-cost CCN topology |
US9552493B2 (en) | 2015-02-03 | 2017-01-24 | Palo Alto Research Center Incorporated | Access control framework for information centric networking |
US9553812B2 (en) | 2014-09-09 | 2017-01-24 | Palo Alto Research Center Incorporated | Interest keep alives at intermediate routers in a CCN |
US9590948B2 (en) | 2014-12-15 | 2017-03-07 | Cisco Systems, Inc. | CCN routing using hardware-assisted hash tables |
US9590887B2 (en) | 2014-07-18 | 2017-03-07 | Cisco Systems, Inc. | Method and system for keeping interest alive in a content centric network |
US9602596B2 (en) | 2015-01-12 | 2017-03-21 | Cisco Systems, Inc. | Peer-to-peer sharing in a content centric network |
US9609014B2 (en) | 2014-05-22 | 2017-03-28 | Cisco Systems, Inc. | Method and apparatus for preventing insertion of malicious content at a named data network router |
US9621354B2 (en) | 2014-07-17 | 2017-04-11 | Cisco Systems, Inc. | Reconstructable content objects |
US9626413B2 (en) | 2014-03-10 | 2017-04-18 | Cisco Systems, Inc. | System and method for ranking content popularity in a content-centric network |
US9660825B2 (en) | 2014-12-24 | 2017-05-23 | Cisco Technology, Inc. | System and method for multi-source multicasting in content-centric networks |
US9678998B2 (en) | 2014-02-28 | 2017-06-13 | Cisco Technology, Inc. | Content name resolution for information centric networking |
US9686194B2 (en) | 2009-10-21 | 2017-06-20 | Cisco Technology, Inc. | Adaptive multi-interface use for content networking |
US9699198B2 (en) | 2014-07-07 | 2017-07-04 | Cisco Technology, Inc. | System and method for parallel secure content bootstrapping in content-centric networks |
US9716622B2 (en) | 2014-04-01 | 2017-07-25 | Cisco Technology, Inc. | System and method for dynamic name configuration in content-centric networks |
US9729616B2 (en) | 2014-07-18 | 2017-08-08 | Cisco Technology, Inc. | Reputation-based strategy for forwarding and responding to interests over a content centric network |
US9729662B2 (en) | 2014-08-11 | 2017-08-08 | Cisco Technology, Inc. | Probabilistic lazy-forwarding technique without validation in a content centric network |
US9794238B2 (en) | 2015-10-29 | 2017-10-17 | Cisco Technology, Inc. | System for key exchange in a content centric network |
US9800637B2 (en) | 2014-08-19 | 2017-10-24 | Cisco Technology, Inc. | System and method for all-in-one content stream in content-centric networks |
US9807205B2 (en) | 2015-11-02 | 2017-10-31 | Cisco Technology, Inc. | Header compression for CCN messages using dictionary |
US9832116B2 (en) | 2016-03-14 | 2017-11-28 | Cisco Technology, Inc. | Adjusting entries in a forwarding information base in a content centric network |
US9832291B2 (en) | 2015-01-12 | 2017-11-28 | Cisco Technology, Inc. | Auto-configurable transport stack |
US9832123B2 (en) | 2015-09-11 | 2017-11-28 | Cisco Technology, Inc. | Network named fragments in a content centric network |
US9836540B2 (en) | 2014-03-04 | 2017-12-05 | Cisco Technology, Inc. | System and method for direct storage access in a content-centric network |
US9846881B2 (en) | 2014-12-19 | 2017-12-19 | Palo Alto Research Center Incorporated | Frugal user engagement help systems |
US9882964B2 (en) | 2014-08-08 | 2018-01-30 | Cisco Technology, Inc. | Explicit strategy feedback in name-based forwarding |
US9912776B2 (en) | 2015-12-02 | 2018-03-06 | Cisco Technology, Inc. | Explicit content deletion commands in a content centric network |
US9916457B2 (en) | 2015-01-12 | 2018-03-13 | Cisco Technology, Inc. | Decoupled name security binding for CCN objects |
US9916601B2 (en) | 2014-03-21 | 2018-03-13 | Cisco Technology, Inc. | Marketplace for presenting advertisements in a scalable data broadcasting system |
US9930146B2 (en) | 2016-04-04 | 2018-03-27 | Cisco Technology, Inc. | System and method for compressing content centric networking messages |
US9935791B2 (en) | 2013-05-20 | 2018-04-03 | Cisco Technology, Inc. | Method and system for name resolution across heterogeneous architectures |
US9946743B2 (en) | 2015-01-12 | 2018-04-17 | Cisco Technology, Inc. | Order encoded manifests in a content centric network |
US9949301B2 (en) | 2016-01-20 | 2018-04-17 | Palo Alto Research Center Incorporated | Methods for fast, secure and privacy-friendly internet connection discovery in wireless networks |
US9954678B2 (en) | 2014-02-06 | 2018-04-24 | Cisco Technology, Inc. | Content-based transport security |
US9954795B2 (en) | 2015-01-12 | 2018-04-24 | Cisco Technology, Inc. | Resource allocation using CCN manifests |
US9959156B2 (en) | 2014-07-17 | 2018-05-01 | Cisco Technology, Inc. | Interest return control message |
US9978025B2 (en) | 2013-03-20 | 2018-05-22 | Cisco Technology, Inc. | Ordered-element naming for name-based packet forwarding |
US9977809B2 (en) | 2015-09-24 | 2018-05-22 | Cisco Technology, Inc. | Information and data framework in a content centric network |
US9986034B2 (en) | 2015-08-03 | 2018-05-29 | Cisco Technology, Inc. | Transferring state in content centric network stacks |
US9992281B2 (en) | 2014-05-01 | 2018-06-05 | Cisco Technology, Inc. | Accountable content stores for information centric networks |
US9992097B2 (en) | 2016-07-11 | 2018-06-05 | Cisco Technology, Inc. | System and method for piggybacking routing information in interests in a content centric network |
US10003520B2 (en) | 2014-12-22 | 2018-06-19 | Cisco Technology, Inc. | System and method for efficient name-based content routing using link-state information in information-centric networks |
US10003507B2 (en) | 2016-03-04 | 2018-06-19 | Cisco Technology, Inc. | Transport session state protocol |
US10009266B2 (en) | 2016-07-05 | 2018-06-26 | Cisco Technology, Inc. | Method and system for reference counted pending interest tables in a content centric network |
US10009446B2 (en) | 2015-11-02 | 2018-06-26 | Cisco Technology, Inc. | Header compression for CCN messages using dictionary learning |
US10021222B2 (en) | 2015-11-04 | 2018-07-10 | Cisco Technology, Inc. | Bit-aligned header compression for CCN messages using dictionary |
US10027578B2 (en) | 2016-04-11 | 2018-07-17 | Cisco Technology, Inc. | Method and system for routable prefix queries in a content centric network |
US10033639B2 (en) | 2016-03-25 | 2018-07-24 | Cisco Technology, Inc. | System and method for routing packets in a content centric network using anonymous datagrams |
US10033642B2 (en) | 2016-09-19 | 2018-07-24 | Cisco Technology, Inc. | System and method for making optimal routing decisions based on device-specific parameters in a content centric network |
US10038633B2 (en) | 2016-03-04 | 2018-07-31 | Cisco Technology, Inc. | Protocol to query for historical network information in a content centric network |
US10043016B2 (en) | 2016-02-29 | 2018-08-07 | Cisco Technology, Inc. | Method and system for name encryption agreement in a content centric network |
US10051071B2 (en) | 2016-03-04 | 2018-08-14 | Cisco Technology, Inc. | Method and system for collecting historical network information in a content centric network |
US10063414B2 (en) | 2016-05-13 | 2018-08-28 | Cisco Technology, Inc. | Updating a transport stack in a content centric network |
US10069933B2 (en) | 2014-10-23 | 2018-09-04 | Cisco Technology, Inc. | System and method for creating virtual interfaces based on network characteristics |
US10067948B2 (en) | 2016-03-18 | 2018-09-04 | Cisco Technology, Inc. | Data deduping in content centric networking manifests |
US10069729B2 (en) | 2016-08-08 | 2018-09-04 | Cisco Technology, Inc. | System and method for throttling traffic based on a forwarding information base in a content centric network |
US10075401B2 (en) | 2015-03-18 | 2018-09-11 | Cisco Technology, Inc. | Pending interest table behavior |
US10075521B2 (en) | 2014-04-07 | 2018-09-11 | Cisco Technology, Inc. | Collection synchronization using equality matched network names |
US10075402B2 (en) | 2015-06-24 | 2018-09-11 | Cisco Technology, Inc. | Flexible command and control in content centric networks |
US10078062B2 (en) | 2015-12-15 | 2018-09-18 | Palo Alto Research Center Incorporated | Device health estimation by combining contextual information with sensor data |
US10084764B2 (en) | 2016-05-13 | 2018-09-25 | Cisco Technology, Inc. | System for a secure encryption proxy in a content centric network |
US10091330B2 (en) | 2016-03-23 | 2018-10-02 | Cisco Technology, Inc. | Interest scheduling by an information and data framework in a content centric network |
US10089651B2 (en) | 2014-03-03 | 2018-10-02 | Cisco Technology, Inc. | Method and apparatus for streaming advertisements in a scalable data broadcasting system |
US10089655B2 (en) | 2013-11-27 | 2018-10-02 | Cisco Technology, Inc. | Method and apparatus for scalable data broadcasting |
US10097521B2 (en) | 2015-11-20 | 2018-10-09 | Cisco Technology, Inc. | Transparent encryption in a content centric network |
US10097346B2 (en) | 2015-12-09 | 2018-10-09 | Cisco Technology, Inc. | Key catalogs in a content centric network |
US10098051B2 (en) | 2014-01-22 | 2018-10-09 | Cisco Technology, Inc. | Gateways and routing in software-defined manets |
US10103989B2 (en) | 2016-06-13 | 2018-10-16 | Cisco Technology, Inc. | Content object return messages in a content centric network |
US10101801B2 (en) | 2013-11-13 | 2018-10-16 | Cisco Technology, Inc. | Method and apparatus for prefetching content in a data stream |
US10116605B2 (en) | 2015-06-22 | 2018-10-30 | Cisco Technology, Inc. | Transport stack name scheme and identity management |
US10122624B2 (en) | 2016-07-25 | 2018-11-06 | Cisco Technology, Inc. | System and method for ephemeral entries in a forwarding information base in a content centric network |
US10129365B2 (en) | 2013-11-13 | 2018-11-13 | Cisco Technology, Inc. | Method and apparatus for pre-fetching remote content based on static and dynamic recommendations |
US10135948B2 (en) | 2016-10-31 | 2018-11-20 | Cisco Technology, Inc. | System and method for process migration in a content centric network |
US10148572B2 (en) | 2016-06-27 | 2018-12-04 | Cisco Technology, Inc. | Method and system for interest groups in a content centric network |
US10172068B2 (en) | 2014-01-22 | 2019-01-01 | Cisco Technology, Inc. | Service-oriented routing in software-defined MANETs |
US10204013B2 (en) | 2014-09-03 | 2019-02-12 | Cisco Technology, Inc. | System and method for maintaining a distributed and fault-tolerant state over an information centric network |
US10212248B2 (en) | 2016-10-03 | 2019-02-19 | Cisco Technology, Inc. | Cache management on high availability routers in a content centric network |
US10212196B2 (en) | 2016-03-16 | 2019-02-19 | Cisco Technology, Inc. | Interface discovery and authentication in a name-based network |
US10237189B2 (en) | 2014-12-16 | 2019-03-19 | Cisco Technology, Inc. | System and method for distance-based interest forwarding |
US10243851B2 (en) | 2016-11-21 | 2019-03-26 | Cisco Technology, Inc. | System and method for forwarder connection information in a content centric network |
US10257271B2 (en) | 2016-01-11 | 2019-04-09 | Cisco Technology, Inc. | Chandra-Toueg consensus in a content centric network |
US10263965B2 (en) | 2015-10-16 | 2019-04-16 | Cisco Technology, Inc. | Encrypted CCNx |
US10305865B2 (en) | 2016-06-21 | 2019-05-28 | Cisco Technology, Inc. | Permutation-based content encryption with manifests in a content centric network |
US10305864B2 (en) | 2016-01-25 | 2019-05-28 | Cisco Technology, Inc. | Method and system for interest encryption in a content centric network |
US10313227B2 (en) | 2015-09-24 | 2019-06-04 | Cisco Technology, Inc. | System and method for eliminating undetected interest looping in information-centric networks |
US10320675B2 (en) | 2016-05-04 | 2019-06-11 | Cisco Technology, Inc. | System and method for routing packets in a stateless content centric network |
US10320760B2 (en) | 2016-04-01 | 2019-06-11 | Cisco Technology, Inc. | Method and system for mutating and caching content in a content centric network |
US10333840B2 (en) | 2015-02-06 | 2019-06-25 | Cisco Technology, Inc. | System and method for on-demand content exchange with adaptive naming in information-centric networks |
US10355999B2 (en) | 2015-09-23 | 2019-07-16 | Cisco Technology, Inc. | Flow control with network named fragments |
US10404450B2 (en) | 2016-05-02 | 2019-09-03 | Cisco Technology, Inc. | Schematized access control in a content centric network |
US10425503B2 (en) | 2016-04-07 | 2019-09-24 | Cisco Technology, Inc. | Shared pending interest table in a content centric network |
US10430839B2 (en) | 2012-12-12 | 2019-10-01 | Cisco Technology, Inc. | Distributed advertisement insertion in content-centric networks |
US10447805B2 (en) | 2016-10-10 | 2019-10-15 | Cisco Technology, Inc. | Distributed consensus in a content centric network |
US10454820B2 (en) | 2015-09-29 | 2019-10-22 | Cisco Technology, Inc. | System and method for stateless information-centric networking |
US10547589B2 (en) | 2016-05-09 | 2020-01-28 | Cisco Technology, Inc. | System for implementing a small computer systems interface protocol over a content centric network |
US10610144B2 (en) | 2015-08-19 | 2020-04-07 | Palo Alto Research Center Incorporated | Interactive remote patient monitoring and condition management intervention system |
US10701038B2 (en) | 2015-07-27 | 2020-06-30 | Cisco Technology, Inc. | Content negotiation in a content centric network |
US10742596B2 (en) | 2016-03-04 | 2020-08-11 | Cisco Technology, Inc. | Method and system for reducing a collision probability of hash-based names using a publisher identifier |
US10956412B2 (en) | 2016-08-09 | 2021-03-23 | Cisco Technology, Inc. | Method and system for conjunctive normal form attribute matching in a content centric network |
US11349852B2 (en) * | 2016-08-31 | 2022-05-31 | Wedge Networks Inc. | Apparatus and methods for network-based line-rate detection of unknown malware |
US11436656B2 (en) | 2016-03-18 | 2022-09-06 | Palo Alto Research Center Incorporated | System and method for a real-time egocentric collaborative filter on large datasets |
Families Citing this family (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6205249B1 (en) | 1998-04-02 | 2001-03-20 | Scott A. Moskowitz | Multiple transform utilization and applications for secure digital watermarking |
US7664263B2 (en) | 1998-03-24 | 2010-02-16 | Moskowitz Scott A | Method for combining transfer functions with predetermined key creation |
US7177429B2 (en) | 2000-12-07 | 2007-02-13 | Blue Spike, Inc. | System and methods for permitting open access to data objects and for securing data within the data objects |
US7346472B1 (en) | 2000-09-07 | 2008-03-18 | Blue Spike, Inc. | Method and device for monitoring and analyzing signals |
US7159116B2 (en) | 1999-12-07 | 2007-01-02 | Blue Spike, Inc. | Systems, methods and devices for trusted transactions |
US7664264B2 (en) | 1999-03-24 | 2010-02-16 | Blue Spike, Inc. | Utilizing data reduction in steganographic and cryptographic systems |
US7475246B1 (en) | 1999-08-04 | 2009-01-06 | Blue Spike, Inc. | Secure personal content server |
US7287275B2 (en) | 2002-04-17 | 2007-10-23 | Moskowitz Scott A | Methods, systems and devices for packet watermarking and efficient provisioning of bandwidth |
CN101072380B (en) * | 2007-06-08 | 2010-12-08 | 华为技术有限公司 | Content delivery method and system, network device, mobile data service management platform |
US8756337B1 (en) * | 2007-08-03 | 2014-06-17 | Hewlett-Packard Development Company, L.P. | Network packet inspection flow management |
US8548067B2 (en) * | 2010-01-29 | 2013-10-01 | Goran Ivkovic | Single sensor radio scene analysis for packet based radio signals using 2nd and 4th order statistics |
US9009820B1 (en) | 2010-03-08 | 2015-04-14 | Raytheon Company | System and method for malware detection using multiple techniques |
US8863279B2 (en) * | 2010-03-08 | 2014-10-14 | Raytheon Company | System and method for malware detection |
US9444840B2 (en) * | 2012-03-13 | 2016-09-13 | Alcatel Lucent | Method and apparatus for a distributed security service in a cloud network |
US20190362075A1 (en) * | 2018-05-22 | 2019-11-28 | Fortinet, Inc. | Preventing users from accessing infected files by using multiple file storage repositories and a secure data transfer agent logically interposed therebetween |
US11036856B2 (en) | 2018-09-16 | 2021-06-15 | Fortinet, Inc. | Natively mounting storage for inspection and sandboxing in the cloud |
US10701238B1 (en) | 2019-05-09 | 2020-06-30 | Google Llc | Context-adaptive scanning |
CN113676411B (en) * | 2021-10-21 | 2022-01-11 | 深圳鼎信通达股份有限公司 | Network communication method, session edge controller and storage medium |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060133377A1 (en) * | 2004-12-22 | 2006-06-22 | Intruguard Device, Inc. | System and method for integrated header, state, rate and content anomaly prevention with policy enforcement |
US20060143713A1 (en) * | 2004-12-28 | 2006-06-29 | International Business Machines Corporation | Rapid virus scan using file signature created during file write |
US7203960B1 (en) * | 2003-06-20 | 2007-04-10 | Trend Micro, Inc. | Anti-virus method and system guaranteeing a maximum delay for streaming data |
US20070083930A1 (en) * | 2005-10-11 | 2007-04-12 | Jim Dumont | Method, telecommunications node, and computer data signal message for optimizing virus scanning |
US20080016568A1 (en) * | 2004-01-13 | 2008-01-17 | Peter Szor | Refining Behavioral Detections for Early Blocking of Malicious Code |
US7392544B1 (en) * | 2007-12-18 | 2008-06-24 | Kaspersky Lab, Zao | Method and system for anti-malware scanning with variable scan settings |
Family Cites Families (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6154844A (en) * | 1996-11-08 | 2000-11-28 | Finjan Software, Ltd. | System and method for attaching a downloadable security profile to a downloadable |
US6021510A (en) * | 1997-11-24 | 2000-02-01 | Symantec Corporation | Antivirus accelerator |
US6735700B1 (en) | 2000-01-11 | 2004-05-11 | Network Associates Technology, Inc. | Fast virus scanning using session stamping |
US7080407B1 (en) | 2000-06-27 | 2006-07-18 | Cisco Technology, Inc. | Virus detection and removal system and method for network-based systems |
US7363657B2 (en) * | 2001-03-12 | 2008-04-22 | Emc Corporation | Using a virus checker in one file server to check for viruses in another file server |
JP2002290900A (en) * | 2001-03-23 | 2002-10-04 | Hitachi Ltd | Information screening device and information guarantee system |
US7010807B1 (en) | 2001-04-13 | 2006-03-07 | Sonicwall, Inc. | System and method for network virus protection |
JP2003216445A (en) * | 2002-01-23 | 2003-07-31 | Hitachi Ltd | Checking method of computer virus |
JP2004110151A (en) * | 2002-09-13 | 2004-04-08 | Victor Co Of Japan Ltd | Apparatus, program, and method for searching unauthorized utilization of content |
US7082044B2 (en) | 2003-03-12 | 2006-07-25 | Sensory Networks, Inc. | Apparatus and method for memory efficient, programmable, pattern matching finite state machine hardware |
US20040210754A1 (en) | 2003-04-16 | 2004-10-21 | Barron Dwight L. | Shared security transform device, system and methods |
US7769994B2 (en) * | 2003-08-13 | 2010-08-03 | Radware Ltd. | Content inspection in secure networks |
EP1757039A4 (en) * | 2004-04-26 | 2013-01-02 | Cisco Tech Inc | Programmable packet parsing processor |
US20060015940A1 (en) | 2004-07-14 | 2006-01-19 | Shay Zamir | Method for detecting unwanted executables |
US7480683B2 (en) | 2004-10-01 | 2009-01-20 | Webroot Software, Inc. | System and method for heuristic analysis to identify pestware |
US7624436B2 (en) * | 2005-06-30 | 2009-11-24 | Intel Corporation | Multi-pattern packet content inspection mechanisms employing tagged values |
GB2416891B (en) * | 2005-11-09 | 2006-11-01 | Streamshield Networks Ltd | A network implemented content processing system |
-
2007
- 2007-01-04 WO PCT/CA2007/000020 patent/WO2007076613A1/en active Application Filing
- 2007-01-04 JP JP2008548912A patent/JP5019480B2/en active Active
- 2007-01-04 CN CN2007800018709A patent/CN101366238B/en active Active
- 2007-01-04 CA CA2635969A patent/CA2635969C/en active Active
- 2007-01-05 US US11/620,556 patent/US7630379B2/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7203960B1 (en) * | 2003-06-20 | 2007-04-10 | Trend Micro, Inc. | Anti-virus method and system guaranteeing a maximum delay for streaming data |
US20080016568A1 (en) * | 2004-01-13 | 2008-01-17 | Peter Szor | Refining Behavioral Detections for Early Blocking of Malicious Code |
US20060133377A1 (en) * | 2004-12-22 | 2006-06-22 | Intruguard Device, Inc. | System and method for integrated header, state, rate and content anomaly prevention with policy enforcement |
US20060143713A1 (en) * | 2004-12-28 | 2006-06-29 | International Business Machines Corporation | Rapid virus scan using file signature created during file write |
US20070083930A1 (en) * | 2005-10-11 | 2007-04-12 | Jim Dumont | Method, telecommunications node, and computer data signal message for optimizing virus scanning |
US7392544B1 (en) * | 2007-12-18 | 2008-06-24 | Kaspersky Lab, Zao | Method and system for anti-malware scanning with variable scan settings |
Cited By (170)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090307769A1 (en) * | 2006-03-14 | 2009-12-10 | Jon Curnyn | Method and apparatus for providing network security |
US9294487B2 (en) * | 2006-03-14 | 2016-03-22 | Bae Systems Plc | Method and apparatus for providing network security |
US8745179B2 (en) * | 2007-01-31 | 2014-06-03 | Cisco Technology, Inc. | Managing multiple application configuration versions in a heterogeneous network |
US20080181131A1 (en) * | 2007-01-31 | 2008-07-31 | Cisco Technology, Inc. | Managing multiple application configuration versions in a heterogeneous network |
US10104041B2 (en) | 2008-05-16 | 2018-10-16 | Cisco Technology, Inc. | Controlling the spread of interests and content in a content centric network |
US9456054B2 (en) | 2008-05-16 | 2016-09-27 | Palo Alto Research Center Incorporated | Controlling the spread of interests and content in a content centric network |
US9264434B2 (en) * | 2008-06-02 | 2016-02-16 | Polyvalor, Limited Partnership | File presence detection and monitoring |
WO2009146536A1 (en) * | 2008-06-02 | 2009-12-10 | Corporation De L'ecole Polytechnique De Montreal | File presence detection and monitoring |
US20110145267A1 (en) * | 2008-06-02 | 2011-06-16 | Jean-Pierre David | File presence detection and monitoring |
US20100153511A1 (en) * | 2008-12-12 | 2010-06-17 | Verizon Corporate Resources Group Llc | Duplicate mms content checking |
US8495161B2 (en) * | 2008-12-12 | 2013-07-23 | Verizon Patent And Licensing Inc. | Duplicate MMS content checking |
US9686194B2 (en) | 2009-10-21 | 2017-06-20 | Cisco Technology, Inc. | Adaptive multi-interface use for content networking |
US9280546B2 (en) | 2012-10-31 | 2016-03-08 | Palo Alto Research Center Incorporated | System and method for accessing digital content using a location-independent name |
US9400800B2 (en) | 2012-11-19 | 2016-07-26 | Palo Alto Research Center Incorporated | Data transport by named content synchronization |
US10430839B2 (en) | 2012-12-12 | 2019-10-01 | Cisco Technology, Inc. | Distributed advertisement insertion in content-centric networks |
US9978025B2 (en) | 2013-03-20 | 2018-05-22 | Cisco Technology, Inc. | Ordered-element naming for name-based packet forwarding |
US9935791B2 (en) | 2013-05-20 | 2018-04-03 | Cisco Technology, Inc. | Method and system for name resolution across heterogeneous architectures |
US9444722B2 (en) | 2013-08-01 | 2016-09-13 | Palo Alto Research Center Incorporated | Method and apparatus for configuring routing paths in a custodian-based routing architecture |
US9741040B2 (en) * | 2013-08-30 | 2017-08-22 | Sap Se | High-load business process scalability |
US20150066571A1 (en) * | 2013-08-30 | 2015-03-05 | Soeren Balko | High-load business process scalability |
US9407549B2 (en) | 2013-10-29 | 2016-08-02 | Palo Alto Research Center Incorporated | System and method for hash-based forwarding of packets with hierarchically structured variable-length identifiers |
US9276840B2 (en) | 2013-10-30 | 2016-03-01 | Palo Alto Research Center Incorporated | Interest messages with a payload for a named data network |
US9282050B2 (en) * | 2013-10-30 | 2016-03-08 | Palo Alto Research Center Incorporated | System and method for minimum path MTU discovery in content centric networks |
US20150117452A1 (en) * | 2013-10-30 | 2015-04-30 | Palo Alto Research Center Incorporated | System and method for minimum path mtu discovery in content centric networks |
US9401864B2 (en) | 2013-10-31 | 2016-07-26 | Palo Alto Research Center Incorporated | Express header for packets with hierarchically structured variable-length identifiers |
US10129365B2 (en) | 2013-11-13 | 2018-11-13 | Cisco Technology, Inc. | Method and apparatus for pre-fetching remote content based on static and dynamic recommendations |
US10101801B2 (en) | 2013-11-13 | 2018-10-16 | Cisco Technology, Inc. | Method and apparatus for prefetching content in a data stream |
US9311377B2 (en) | 2013-11-13 | 2016-04-12 | Palo Alto Research Center Incorporated | Method and apparatus for performing server handoff in a name-based content distribution system |
US10089655B2 (en) | 2013-11-27 | 2018-10-02 | Cisco Technology, Inc. | Method and apparatus for scalable data broadcasting |
US9503358B2 (en) | 2013-12-05 | 2016-11-22 | Palo Alto Research Center Incorporated | Distance-based routing in an information-centric network |
US9379979B2 (en) | 2014-01-14 | 2016-06-28 | Palo Alto Research Center Incorporated | Method and apparatus for establishing a virtual interface for a set of mutual-listener devices |
US10098051B2 (en) | 2014-01-22 | 2018-10-09 | Cisco Technology, Inc. | Gateways and routing in software-defined manets |
US10172068B2 (en) | 2014-01-22 | 2019-01-01 | Cisco Technology, Inc. | Service-oriented routing in software-defined MANETs |
US9374304B2 (en) | 2014-01-24 | 2016-06-21 | Palo Alto Research Center Incorporated | End-to end route tracing over a named-data network |
US9954678B2 (en) | 2014-02-06 | 2018-04-24 | Cisco Technology, Inc. | Content-based transport security |
US10706029B2 (en) | 2014-02-28 | 2020-07-07 | Cisco Technology, Inc. | Content name resolution for information centric networking |
US9678998B2 (en) | 2014-02-28 | 2017-06-13 | Cisco Technology, Inc. | Content name resolution for information centric networking |
US10089651B2 (en) | 2014-03-03 | 2018-10-02 | Cisco Technology, Inc. | Method and apparatus for streaming advertisements in a scalable data broadcasting system |
US9836540B2 (en) | 2014-03-04 | 2017-12-05 | Cisco Technology, Inc. | System and method for direct storage access in a content-centric network |
US10445380B2 (en) | 2014-03-04 | 2019-10-15 | Cisco Technology, Inc. | System and method for direct storage access in a content-centric network |
US9473405B2 (en) | 2014-03-10 | 2016-10-18 | Palo Alto Research Center Incorporated | Concurrent hashes and sub-hashes on data streams |
US9626413B2 (en) | 2014-03-10 | 2017-04-18 | Cisco Systems, Inc. | System and method for ranking content popularity in a content-centric network |
US9391896B2 (en) | 2014-03-10 | 2016-07-12 | Palo Alto Research Center Incorporated | System and method for packet forwarding using a conjunctive normal form strategy in a content-centric network |
US9407432B2 (en) | 2014-03-19 | 2016-08-02 | Palo Alto Research Center Incorporated | System and method for efficient and secure distribution of digital content |
US9916601B2 (en) | 2014-03-21 | 2018-03-13 | Cisco Technology, Inc. | Marketplace for presenting advertisements in a scalable data broadcasting system |
US9363179B2 (en) | 2014-03-26 | 2016-06-07 | Palo Alto Research Center Incorporated | Multi-publisher routing protocol for named data networks |
US9363086B2 (en) | 2014-03-31 | 2016-06-07 | Palo Alto Research Center Incorporated | Aggregate signing of data in content centric networking |
US9716622B2 (en) | 2014-04-01 | 2017-07-25 | Cisco Technology, Inc. | System and method for dynamic name configuration in content-centric networks |
US9390289B2 (en) | 2014-04-07 | 2016-07-12 | Palo Alto Research Center Incorporated | Secure collection synchronization using matched network names |
US10075521B2 (en) | 2014-04-07 | 2018-09-11 | Cisco Technology, Inc. | Collection synchronization using equality matched network names |
US9451032B2 (en) | 2014-04-10 | 2016-09-20 | Palo Alto Research Center Incorporated | System and method for simple service discovery in content-centric networks |
US9239921B2 (en) | 2014-04-18 | 2016-01-19 | Kaspersky Lab Ao | System and methods of performing antivirus checking in a virtual environment using different antivirus checking techniques |
US8990946B1 (en) * | 2014-04-18 | 2015-03-24 | Kaspersky Lab Zao | System and methods of distributing antivirus checking tasks among virtual machines in a virtual network |
US9992281B2 (en) | 2014-05-01 | 2018-06-05 | Cisco Technology, Inc. | Accountable content stores for information centric networks |
US9609014B2 (en) | 2014-05-22 | 2017-03-28 | Cisco Systems, Inc. | Method and apparatus for preventing insertion of malicious content at a named data network router |
US10158656B2 (en) | 2014-05-22 | 2018-12-18 | Cisco Technology, Inc. | Method and apparatus for preventing insertion of malicious content at a named data network router |
US9455835B2 (en) | 2014-05-23 | 2016-09-27 | Palo Alto Research Center Incorporated | System and method for circular link resolution with hash-based names in content-centric networks |
US9276751B2 (en) | 2014-05-28 | 2016-03-01 | Palo Alto Research Center Incorporated | System and method for circular link resolution with computable hash-based names in content-centric networks |
US9516144B2 (en) | 2014-06-19 | 2016-12-06 | Palo Alto Research Center Incorporated | Cut-through forwarding of CCNx message fragments with IP encapsulation |
US9537719B2 (en) | 2014-06-19 | 2017-01-03 | Palo Alto Research Center Incorporated | Method and apparatus for deploying a minimal-cost CCN topology |
US9426113B2 (en) | 2014-06-30 | 2016-08-23 | Palo Alto Research Center Incorporated | System and method for managing devices over a content centric network |
US9699198B2 (en) | 2014-07-07 | 2017-07-04 | Cisco Technology, Inc. | System and method for parallel secure content bootstrapping in content-centric networks |
US9621354B2 (en) | 2014-07-17 | 2017-04-11 | Cisco Systems, Inc. | Reconstructable content objects |
US9959156B2 (en) | 2014-07-17 | 2018-05-01 | Cisco Technology, Inc. | Interest return control message |
US10237075B2 (en) | 2014-07-17 | 2019-03-19 | Cisco Technology, Inc. | Reconstructable content objects |
US10305968B2 (en) | 2014-07-18 | 2019-05-28 | Cisco Technology, Inc. | Reputation-based strategy for forwarding and responding to interests over a content centric network |
US9729616B2 (en) | 2014-07-18 | 2017-08-08 | Cisco Technology, Inc. | Reputation-based strategy for forwarding and responding to interests over a content centric network |
US9590887B2 (en) | 2014-07-18 | 2017-03-07 | Cisco Systems, Inc. | Method and system for keeping interest alive in a content centric network |
US9929935B2 (en) | 2014-07-18 | 2018-03-27 | Cisco Technology, Inc. | Method and system for keeping interest alive in a content centric network |
US9535968B2 (en) | 2014-07-21 | 2017-01-03 | Palo Alto Research Center Incorporated | System for distributing nameless objects using self-certifying names |
US9882964B2 (en) | 2014-08-08 | 2018-01-30 | Cisco Technology, Inc. | Explicit strategy feedback in name-based forwarding |
US9729662B2 (en) | 2014-08-11 | 2017-08-08 | Cisco Technology, Inc. | Probabilistic lazy-forwarding technique without validation in a content centric network |
US9503365B2 (en) | 2014-08-11 | 2016-11-22 | Palo Alto Research Center Incorporated | Reputation-based instruction processing over an information centric network |
US9391777B2 (en) | 2014-08-15 | 2016-07-12 | Palo Alto Research Center Incorporated | System and method for performing key resolution over a content centric network |
US9467492B2 (en) | 2014-08-19 | 2016-10-11 | Palo Alto Research Center Incorporated | System and method for reconstructable all-in-one content stream |
US9800637B2 (en) | 2014-08-19 | 2017-10-24 | Cisco Technology, Inc. | System and method for all-in-one content stream in content-centric networks |
US10367871B2 (en) | 2014-08-19 | 2019-07-30 | Cisco Technology, Inc. | System and method for all-in-one content stream in content-centric networks |
US9497282B2 (en) | 2014-08-27 | 2016-11-15 | Palo Alto Research Center Incorporated | Network coding for content-centric network |
US10204013B2 (en) | 2014-09-03 | 2019-02-12 | Cisco Technology, Inc. | System and method for maintaining a distributed and fault-tolerant state over an information centric network |
US11314597B2 (en) | 2014-09-03 | 2022-04-26 | Cisco Technology, Inc. | System and method for maintaining a distributed and fault-tolerant state over an information centric network |
US9553812B2 (en) | 2014-09-09 | 2017-01-24 | Palo Alto Research Center Incorporated | Interest keep alives at intermediate routers in a CCN |
US10069933B2 (en) | 2014-10-23 | 2018-09-04 | Cisco Technology, Inc. | System and method for creating virtual interfaces based on network characteristics |
US10715634B2 (en) | 2014-10-23 | 2020-07-14 | Cisco Technology, Inc. | System and method for creating virtual interfaces based on network characteristics |
US9536059B2 (en) | 2014-12-15 | 2017-01-03 | Palo Alto Research Center Incorporated | Method and system for verifying renamed content using manifests in a content centric network |
US9590948B2 (en) | 2014-12-15 | 2017-03-07 | Cisco Systems, Inc. | CCN routing using hardware-assisted hash tables |
US10237189B2 (en) | 2014-12-16 | 2019-03-19 | Cisco Technology, Inc. | System and method for distance-based interest forwarding |
US9846881B2 (en) | 2014-12-19 | 2017-12-19 | Palo Alto Research Center Incorporated | Frugal user engagement help systems |
US10003520B2 (en) | 2014-12-22 | 2018-06-19 | Cisco Technology, Inc. | System and method for efficient name-based content routing using link-state information in information-centric networks |
US9473475B2 (en) | 2014-12-22 | 2016-10-18 | Palo Alto Research Center Incorporated | Low-cost authenticated signing delegation in content centric networking |
US10091012B2 (en) | 2014-12-24 | 2018-10-02 | Cisco Technology, Inc. | System and method for multi-source multicasting in content-centric networks |
US9660825B2 (en) | 2014-12-24 | 2017-05-23 | Cisco Technology, Inc. | System and method for multi-source multicasting in content-centric networks |
US9954795B2 (en) | 2015-01-12 | 2018-04-24 | Cisco Technology, Inc. | Resource allocation using CCN manifests |
US9602596B2 (en) | 2015-01-12 | 2017-03-21 | Cisco Systems, Inc. | Peer-to-peer sharing in a content centric network |
US9916457B2 (en) | 2015-01-12 | 2018-03-13 | Cisco Technology, Inc. | Decoupled name security binding for CCN objects |
US9832291B2 (en) | 2015-01-12 | 2017-11-28 | Cisco Technology, Inc. | Auto-configurable transport stack |
US9946743B2 (en) | 2015-01-12 | 2018-04-17 | Cisco Technology, Inc. | Order encoded manifests in a content centric network |
US10440161B2 (en) | 2015-01-12 | 2019-10-08 | Cisco Technology, Inc. | Auto-configurable transport stack |
US9462006B2 (en) | 2015-01-21 | 2016-10-04 | Palo Alto Research Center Incorporated | Network-layer application-specific trust model |
US9552493B2 (en) | 2015-02-03 | 2017-01-24 | Palo Alto Research Center Incorporated | Access control framework for information centric networking |
US10333840B2 (en) | 2015-02-06 | 2019-06-25 | Cisco Technology, Inc. | System and method for on-demand content exchange with adaptive naming in information-centric networks |
US10075401B2 (en) | 2015-03-18 | 2018-09-11 | Cisco Technology, Inc. | Pending interest table behavior |
US10116605B2 (en) | 2015-06-22 | 2018-10-30 | Cisco Technology, Inc. | Transport stack name scheme and identity management |
US10075402B2 (en) | 2015-06-24 | 2018-09-11 | Cisco Technology, Inc. | Flexible command and control in content centric networks |
US10701038B2 (en) | 2015-07-27 | 2020-06-30 | Cisco Technology, Inc. | Content negotiation in a content centric network |
US9986034B2 (en) | 2015-08-03 | 2018-05-29 | Cisco Technology, Inc. | Transferring state in content centric network stacks |
US10610144B2 (en) | 2015-08-19 | 2020-04-07 | Palo Alto Research Center Incorporated | Interactive remote patient monitoring and condition management intervention system |
US10419345B2 (en) | 2015-09-11 | 2019-09-17 | Cisco Technology, Inc. | Network named fragments in a content centric network |
US9832123B2 (en) | 2015-09-11 | 2017-11-28 | Cisco Technology, Inc. | Network named fragments in a content centric network |
US10355999B2 (en) | 2015-09-23 | 2019-07-16 | Cisco Technology, Inc. | Flow control with network named fragments |
US9977809B2 (en) | 2015-09-24 | 2018-05-22 | Cisco Technology, Inc. | Information and data framework in a content centric network |
US10313227B2 (en) | 2015-09-24 | 2019-06-04 | Cisco Technology, Inc. | System and method for eliminating undetected interest looping in information-centric networks |
US10454820B2 (en) | 2015-09-29 | 2019-10-22 | Cisco Technology, Inc. | System and method for stateless information-centric networking |
US10263965B2 (en) | 2015-10-16 | 2019-04-16 | Cisco Technology, Inc. | Encrypted CCNx |
US10129230B2 (en) | 2015-10-29 | 2018-11-13 | Cisco Technology, Inc. | System for key exchange in a content centric network |
US9794238B2 (en) | 2015-10-29 | 2017-10-17 | Cisco Technology, Inc. | System for key exchange in a content centric network |
US10009446B2 (en) | 2015-11-02 | 2018-06-26 | Cisco Technology, Inc. | Header compression for CCN messages using dictionary learning |
US9807205B2 (en) | 2015-11-02 | 2017-10-31 | Cisco Technology, Inc. | Header compression for CCN messages using dictionary |
US10021222B2 (en) | 2015-11-04 | 2018-07-10 | Cisco Technology, Inc. | Bit-aligned header compression for CCN messages using dictionary |
US10097521B2 (en) | 2015-11-20 | 2018-10-09 | Cisco Technology, Inc. | Transparent encryption in a content centric network |
US10681018B2 (en) | 2015-11-20 | 2020-06-09 | Cisco Technology, Inc. | Transparent encryption in a content centric network |
US9912776B2 (en) | 2015-12-02 | 2018-03-06 | Cisco Technology, Inc. | Explicit content deletion commands in a content centric network |
US10097346B2 (en) | 2015-12-09 | 2018-10-09 | Cisco Technology, Inc. | Key catalogs in a content centric network |
US10078062B2 (en) | 2015-12-15 | 2018-09-18 | Palo Alto Research Center Incorporated | Device health estimation by combining contextual information with sensor data |
US10257271B2 (en) | 2016-01-11 | 2019-04-09 | Cisco Technology, Inc. | Chandra-Toueg consensus in a content centric network |
US10581967B2 (en) | 2016-01-11 | 2020-03-03 | Cisco Technology, Inc. | Chandra-Toueg consensus in a content centric network |
US9949301B2 (en) | 2016-01-20 | 2018-04-17 | Palo Alto Research Center Incorporated | Methods for fast, secure and privacy-friendly internet connection discovery in wireless networks |
US10305864B2 (en) | 2016-01-25 | 2019-05-28 | Cisco Technology, Inc. | Method and system for interest encryption in a content centric network |
US10043016B2 (en) | 2016-02-29 | 2018-08-07 | Cisco Technology, Inc. | Method and system for name encryption agreement in a content centric network |
US10051071B2 (en) | 2016-03-04 | 2018-08-14 | Cisco Technology, Inc. | Method and system for collecting historical network information in a content centric network |
US10469378B2 (en) | 2016-03-04 | 2019-11-05 | Cisco Technology, Inc. | Protocol to query for historical network information in a content centric network |
US10038633B2 (en) | 2016-03-04 | 2018-07-31 | Cisco Technology, Inc. | Protocol to query for historical network information in a content centric network |
US10003507B2 (en) | 2016-03-04 | 2018-06-19 | Cisco Technology, Inc. | Transport session state protocol |
US10742596B2 (en) | 2016-03-04 | 2020-08-11 | Cisco Technology, Inc. | Method and system for reducing a collision probability of hash-based names using a publisher identifier |
US10129368B2 (en) | 2016-03-14 | 2018-11-13 | Cisco Technology, Inc. | Adjusting entries in a forwarding information base in a content centric network |
US9832116B2 (en) | 2016-03-14 | 2017-11-28 | Cisco Technology, Inc. | Adjusting entries in a forwarding information base in a content centric network |
US10212196B2 (en) | 2016-03-16 | 2019-02-19 | Cisco Technology, Inc. | Interface discovery and authentication in a name-based network |
US10067948B2 (en) | 2016-03-18 | 2018-09-04 | Cisco Technology, Inc. | Data deduping in content centric networking manifests |
US11436656B2 (en) | 2016-03-18 | 2022-09-06 | Palo Alto Research Center Incorporated | System and method for a real-time egocentric collaborative filter on large datasets |
US10091330B2 (en) | 2016-03-23 | 2018-10-02 | Cisco Technology, Inc. | Interest scheduling by an information and data framework in a content centric network |
US10033639B2 (en) | 2016-03-25 | 2018-07-24 | Cisco Technology, Inc. | System and method for routing packets in a content centric network using anonymous datagrams |
US10320760B2 (en) | 2016-04-01 | 2019-06-11 | Cisco Technology, Inc. | Method and system for mutating and caching content in a content centric network |
US10348865B2 (en) | 2016-04-04 | 2019-07-09 | Cisco Technology, Inc. | System and method for compressing content centric networking messages |
US9930146B2 (en) | 2016-04-04 | 2018-03-27 | Cisco Technology, Inc. | System and method for compressing content centric networking messages |
US10425503B2 (en) | 2016-04-07 | 2019-09-24 | Cisco Technology, Inc. | Shared pending interest table in a content centric network |
US10027578B2 (en) | 2016-04-11 | 2018-07-17 | Cisco Technology, Inc. | Method and system for routable prefix queries in a content centric network |
US10841212B2 (en) | 2016-04-11 | 2020-11-17 | Cisco Technology, Inc. | Method and system for routable prefix queries in a content centric network |
US10404450B2 (en) | 2016-05-02 | 2019-09-03 | Cisco Technology, Inc. | Schematized access control in a content centric network |
US10320675B2 (en) | 2016-05-04 | 2019-06-11 | Cisco Technology, Inc. | System and method for routing packets in a stateless content centric network |
US10547589B2 (en) | 2016-05-09 | 2020-01-28 | Cisco Technology, Inc. | System for implementing a small computer systems interface protocol over a content centric network |
US10084764B2 (en) | 2016-05-13 | 2018-09-25 | Cisco Technology, Inc. | System for a secure encryption proxy in a content centric network |
US10404537B2 (en) | 2016-05-13 | 2019-09-03 | Cisco Technology, Inc. | Updating a transport stack in a content centric network |
US10693852B2 (en) | 2016-05-13 | 2020-06-23 | Cisco Technology, Inc. | System for a secure encryption proxy in a content centric network |
US10063414B2 (en) | 2016-05-13 | 2018-08-28 | Cisco Technology, Inc. | Updating a transport stack in a content centric network |
US10103989B2 (en) | 2016-06-13 | 2018-10-16 | Cisco Technology, Inc. | Content object return messages in a content centric network |
US10305865B2 (en) | 2016-06-21 | 2019-05-28 | Cisco Technology, Inc. | Permutation-based content encryption with manifests in a content centric network |
US10581741B2 (en) | 2016-06-27 | 2020-03-03 | Cisco Technology, Inc. | Method and system for interest groups in a content centric network |
US10148572B2 (en) | 2016-06-27 | 2018-12-04 | Cisco Technology, Inc. | Method and system for interest groups in a content centric network |
US10009266B2 (en) | 2016-07-05 | 2018-06-26 | Cisco Technology, Inc. | Method and system for reference counted pending interest tables in a content centric network |
US9992097B2 (en) | 2016-07-11 | 2018-06-05 | Cisco Technology, Inc. | System and method for piggybacking routing information in interests in a content centric network |
US10122624B2 (en) | 2016-07-25 | 2018-11-06 | Cisco Technology, Inc. | System and method for ephemeral entries in a forwarding information base in a content centric network |
US10069729B2 (en) | 2016-08-08 | 2018-09-04 | Cisco Technology, Inc. | System and method for throttling traffic based on a forwarding information base in a content centric network |
US10956412B2 (en) | 2016-08-09 | 2021-03-23 | Cisco Technology, Inc. | Method and system for conjunctive normal form attribute matching in a content centric network |
US11349852B2 (en) * | 2016-08-31 | 2022-05-31 | Wedge Networks Inc. | Apparatus and methods for network-based line-rate detection of unknown malware |
US10033642B2 (en) | 2016-09-19 | 2018-07-24 | Cisco Technology, Inc. | System and method for making optimal routing decisions based on device-specific parameters in a content centric network |
US10212248B2 (en) | 2016-10-03 | 2019-02-19 | Cisco Technology, Inc. | Cache management on high availability routers in a content centric network |
US10897518B2 (en) | 2016-10-03 | 2021-01-19 | Cisco Technology, Inc. | Cache management on high availability routers in a content centric network |
US10447805B2 (en) | 2016-10-10 | 2019-10-15 | Cisco Technology, Inc. | Distributed consensus in a content centric network |
US10135948B2 (en) | 2016-10-31 | 2018-11-20 | Cisco Technology, Inc. | System and method for process migration in a content centric network |
US10721332B2 (en) | 2016-10-31 | 2020-07-21 | Cisco Technology, Inc. | System and method for process migration in a content centric network |
US10243851B2 (en) | 2016-11-21 | 2019-03-26 | Cisco Technology, Inc. | System and method for forwarder connection information in a content centric network |
Also Published As
Publication number | Publication date |
---|---|
WO2007076613A1 (en) | 2007-07-12 |
CN101366238B (en) | 2012-06-27 |
CA2635969C (en) | 2014-09-30 |
CN101366238A (en) | 2009-02-11 |
US7630379B2 (en) | 2009-12-08 |
JP2009522672A (en) | 2009-06-11 |
JP5019480B2 (en) | 2012-09-05 |
CA2635969A1 (en) | 2007-07-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7630379B2 (en) | Systems and methods for improved network based content inspection | |
US9729655B2 (en) | Managing transfer of data in a data network | |
US11876833B2 (en) | Software defined networking moving target defense honeypot | |
US8767551B2 (en) | System and method for flow table management | |
TWI345397B (en) | Method and system for stale data detection based quality of service | |
US8463901B2 (en) | Stateful flow information table method and system for packet inspection system | |
US9356844B2 (en) | Efficient application recognition in network traffic | |
US20160197951A1 (en) | Method and system for virtual asset assisted extrusion and intrusion detection and threat scoring in a cloud computing environment | |
US8738906B1 (en) | Traffic classification and control on a network node | |
US7774413B2 (en) | Email message hygiene stamp | |
US20110040830A1 (en) | Web service multi-key rate limiting method and system | |
JP2017505578A (en) | System and method for a software defined protocol network node | |
US20080313708A1 (en) | Data content matching | |
CN103444137A (en) | Prioritizing network traffic | |
US8787391B2 (en) | Techniques for using the network as a memory device | |
US11349852B2 (en) | Apparatus and methods for network-based line-rate detection of unknown malware | |
WO2020037781A1 (en) | Anti-attack method and device for server | |
CN107769992B (en) | Message parsing and shunting method and device | |
US20070008971A1 (en) | Systems and methods for passing network traffic data | |
US9122546B1 (en) | Rapid processing of event notifications | |
US8874646B2 (en) | Message managing system, message managing method and recording medium storing program for that method execution | |
CN116094651A (en) | Message retry method, system, electronic device and storage medium | |
CN117336262A (en) | Unidirectional message transmission method, unidirectional message transmission device, storage medium and unidirectional message transmission equipment | |
CN117375857A (en) | Message processing method, device, system and related equipment | |
GB2399199A (en) | Data packet classification system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: WIRELESS EDGE CANADA INC., CANADA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:MORISHITA, ISAO;ZHANG, HONGWEN;KINAWI, HUSAM;REEL/FRAME:019120/0856;SIGNING DATES FROM 20070123 TO 20070125 |
|
AS | Assignment |
Owner name: WEDGE NETWORKS INC., CANADA Free format text: CHANGE OF NAME;ASSIGNOR:WIRELESS EDGE CANADA INC.;REEL/FRAME:021632/0977 Effective date: 20071105 |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
FPAY | Fee payment |
Year of fee payment: 4 |
|
FPAY | Fee payment |
Year of fee payment: 8 |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 12TH YR, SMALL ENTITY (ORIGINAL EVENT CODE: M2553); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY Year of fee payment: 12 |